Combating Fraud: Approaches to Evaluate Effectiveness and Demonstrate Integrity

What GAO Found

In 2015, GAO issued A Framework for Managing Fraud Risks in Federal Programs (Fraud Risk Framework). The Fraud Risk Framework provides a comprehensive set of leading practices, organized into four components, for program managers to use when developing or enhancing efforts to combat fraud in a strategic, risk-based manner. These four components include (1) committing to combat fraud by creating an organizational culture, (2) planning and conducting risk assessments, (3) designing and implementing a strategy with specific control activities, and (4) evaluating and adapting fraud risk management activities. As noted in the Fraud Risk Framework, program managers need to understand the effectiveness of their fraud risk management activities and adjust their efforts to better protect their resources against fraud. However, our work has shown that agencies face challenges in effectively implementing leading practices, particularly those found in Component 4 of the Fraud Risk Framework. Agencies continue to face these challenges, despite requirements to use the Fraud Risk Framework's leading practices to manage fraud risks.

To aid program managers in these efforts, we developed this technical appendix to GAO's Fraud Risk Framework, which focuses on the implementation of Component 4: Evaluate Outcomes Using a Risk-Based Approach and Adapt Activities to Improve Fraud Risk Management. This appendix highlights various approaches that program managers have used, or could use, to evaluate and adapt fraud risk management activities described in the first three components of the Framework. These approaches can be modified to fit the circumstances and conditions relevant to different programs and activities. While the primary target audience is program managers in the U.S. federal government, the approaches may also be applicable to state, local, and foreign government agencies, as well as nonprofit entities, that are responsible for fraud risk management.

Why GAO Did This Study

Demonstrating strong internal controls and program integrity is important to protect taxpayer dollars and maintain public trust. In this way, evaluations can help agencies show the value of their fraud risk management activities. Program managers also need to understand the effectiveness of their fraud risk management activities so they can adjust their efforts to better protect their resources against fraud.

Component 4 of GAO's Fraud Risk Framework describes how agencies can use robust evaluations that are comprehensive in scope, incorporate a range of metrics and outputs beyond financial returns, and use stakeholder input to better understand program outcomes. While agencies may have varying levels of resources, program managers can tailor evaluations to align with available capacity and the specific activities being assessed.

To assist program managers with these efforts, we developed this technical appendix, which supplements and complements the Fraud Risk Framework. Specifically, we identified examples, methods, and considerations that can be used to help evaluate the effectiveness of fraud risk management activities.

For more information, contact Rebecca Shea at [email protected].